From owner-freebsd-current  Mon Oct 26 11:17:37 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id LAA10591
          for freebsd-current-outgoing; Mon, 26 Oct 1998 11:17:37 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from smtp02.primenet.com (smtp02.primenet.com [206.165.6.132])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA10584
          for <freebsd-current@FreeBSD.ORG>; Mon, 26 Oct 1998 11:17:35 -0800 (PST)
          (envelope-from tlambert@usr04.primenet.com)
Received: (from daemon@localhost)
	by smtp02.primenet.com (8.8.8/8.8.8) id MAA08159;
	Mon, 26 Oct 1998 12:16:57 -0700 (MST)
Received: from usr04.primenet.com(206.165.6.204)
 via SMTP by smtp02.primenet.com, id smtpd008118; Mon Oct 26 12:16:52 1998
Received: (from tlambert@localhost)
	by usr04.primenet.com (8.8.5/8.8.5) id MAA15070;
	Mon, 26 Oct 1998 12:16:50 -0700 (MST)
From: Terry Lambert <tlambert@primenet.com>
Message-Id: <199810261916.MAA15070@usr04.primenet.com>
Subject: Re: [Q]: Buildworld without secure libs (to use MD5 passwords)
To: jkh@time.cdrom.com (Jordan K. Hubbard)
Date: Mon, 26 Oct 1998 19:16:50 +0000 (GMT)
Cc: tlambert@primenet.com, john.saunders@scitec.com.au,
        freebsd-current@FreeBSD.ORG
In-Reply-To: <10639.909296170@time.cdrom.com> from "Jordan K. Hubbard" at Oct 24, 98 11:16:10 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > Still, even if the new file must stay, it would be nice to know
> > that at least it was the result of someone is steering, instead
> > of being the result of people not communicating.
> 
> "Dear Terry, we were here and we waited for you, but you didn't show up.  What
>  happened?  Signed - Jordan & Mark"
> 
> This _was_ discussed in -current.  I raised the issue of disabling
> things like kerberos authentication for kerberized binaries and
> setting the default password time.  Discussion ensued.  Code was
> thrown indiscriminately around.  Things evolved and Mark subsequently
> committed the kerberos knob.  The password knob remains to follow.

Are you sure it wasn't discussed on -committers or -core instead?

It's pretty obvious that the "knob" to use is the existance of the
symbol in the shared library.  I know this idea isn't popular, since
a system with a corrupt /kernel is ever so much more likely to boot
than one with a corrupt /libexec/ld.so.1.  Not.

As far as disabling goes -- don't you just say "rlogin -K" instead
of "rlogin", etc.?


					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message